WIP: feat(workflows): add new build workflows for Windows, Linux, and macOS, and remove obsolete build scripts #17
@ -35,13 +35,22 @@ jobs:
|
||||
|
||||
echo "Created entitlements file:"
|
||||
cat LuckyRobots.entitlements
|
||||
|
||||
# Move entitlements to home directory to ensure consistent access
|
||||
cp LuckyRobots.entitlements ~/LuckyRobots.entitlements
|
||||
shell: bash
|
||||
|
||||
- name: Download and Extract Artifact
|
||||
id: extract-artifact
|
||||
run: |
|
||||
# Working with absolute paths to eliminate path inconsistencies
|
||||
WORKSPACE_DIR="$(pwd)"
|
||||
BUILDS_DIR="$WORKSPACE_DIR/Builds"
|
||||
EXTRACT_DIR="$WORKSPACE_DIR/temp_extract"
|
||||
|
||||
# Create directories
|
||||
mkdir -p Builds/Mac
|
||||
mkdir -p "$BUILDS_DIR/Mac"
|
||||
mkdir -p "$EXTRACT_DIR"
|
||||
|
||||
# Download specific artifact
|
||||
echo "Downloading build artifact..."
|
||||
@ -50,45 +59,69 @@ jobs:
|
||||
ARTIFACT_URL="https://luckyrobots.com/LuckyRobots/LuckyWorld/actions/runs/84/artifacts/LuckyRobots-macOS"
|
||||
|
||||
echo "Using artifact URL: $ARTIFACT_URL"
|
||||
BUILD_ZIP="$WORKSPACE_DIR/build.zip"
|
||||
|
||||
# Download the artifact
|
||||
curl -L "$ARTIFACT_URL" -o build.zip
|
||||
curl -L "$ARTIFACT_URL" -o "$BUILD_ZIP"
|
||||
|
||||
# First unzip - Outer artifact zip file
|
||||
echo "Extracting outer zip file..."
|
||||
unzip -o build.zip -d temp_extract/
|
||||
unzip -o "$BUILD_ZIP" -d "$EXTRACT_DIR"
|
||||
|
||||
# List the contents of temp_extract
|
||||
echo "Contents of temp_extract:"
|
||||
ls -la temp_extract/
|
||||
ls -la "$EXTRACT_DIR"
|
||||
|
||||
# Second unzip - Inner macOS app package
|
||||
echo "Extracting inner zip file..."
|
||||
INNER_ZIP=$(find temp_extract -name "*.zip" | head -1)
|
||||
# Handle case where the artifact might have different structure
|
||||
# Try to find any zip files recursively
|
||||
echo "Searching for zip files in extract directory..."
|
||||
ZIP_FILES=$(find "$EXTRACT_DIR" -name "*.zip" -type f)
|
||||
echo "Found ZIP files: $ZIP_FILES"
|
||||
|
||||
if [[ -z "$INNER_ZIP" ]]; then
|
||||
echo "Could not find inner zip in artifact"
|
||||
exit 1
|
||||
# Create target directory for Mac app
|
||||
TARGET_DIR="$BUILDS_DIR/Mac"
|
||||
mkdir -p "$TARGET_DIR"
|
||||
|
||||
# Extract all found zip files
|
||||
for ZIP_FILE in $ZIP_FILES; do
|
||||
echo "Extracting: $ZIP_FILE to $TARGET_DIR"
|
||||
unzip -o "$ZIP_FILE" -d "$TARGET_DIR"
|
||||
done
|
||||
|
||||
# Look for LuckyWorld-Mac-Shipping.app specifically
|
||||
if [ -d "$TARGET_DIR/LuckyWorld-Mac-Shipping.app" ]; then
|
||||
APP_PATH="$TARGET_DIR/LuckyWorld-Mac-Shipping.app"
|
||||
echo "Found specific app: $APP_PATH"
|
||||
else
|
||||
# Try to find any .app bundle recursively
|
||||
echo "Searching for .app bundles in all directories..."
|
||||
APP_PATH=$(find "$BUILDS_DIR" -name "*.app" -type d | head -1)
|
||||
|
||||
if [ -z "$APP_PATH" ]; then
|
||||
echo "Could not find any .app bundle. Looking in other directories..."
|
||||
APP_PATH=$(find "$WORKSPACE_DIR" -name "*.app" -type d | head -1)
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "Found inner zip: $INNER_ZIP"
|
||||
unzip -o "$INNER_ZIP" -d Builds/Mac/
|
||||
|
||||
# Recursive search for .app directory
|
||||
echo "Searching for .app bundle..."
|
||||
APP_PATH=$(find Builds -type d -name "*.app" -print 2>/dev/null | head -1)
|
||||
|
||||
if [[ -z "$APP_PATH" ]]; then
|
||||
echo "Could not find app bundle in extracted files"
|
||||
if [ -z "$APP_PATH" ]; then
|
||||
echo "ERROR: Could not find any .app bundle"
|
||||
echo "Contents of Builds directory:"
|
||||
find Builds -type d | sort
|
||||
echo "All directories in workspace:"
|
||||
find . -type d -maxdepth 4 | grep -v "node_modules\|.git" | sort
|
||||
find "$BUILDS_DIR" -type d | sort
|
||||
echo "Contents of extracted files:"
|
||||
find "$EXTRACT_DIR" -type f | sort
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Found app bundle: $APP_PATH"
|
||||
echo "app_path=$APP_PATH" >> $GITHUB_OUTPUT
|
||||
echo "Found app bundle at: $APP_PATH"
|
||||
# Make a local copy to ensure access
|
||||
LOCAL_APP="$WORKSPACE_DIR/LuckyWorld.app"
|
||||
echo "Creating accessible copy at: $LOCAL_APP"
|
||||
|
||||
# Remove if exists
|
||||
rm -rf "$LOCAL_APP"
|
||||
cp -R "$APP_PATH" "$LOCAL_APP"
|
||||
|
||||
echo "app_path=$LOCAL_APP" >> $GITHUB_OUTPUT
|
||||
shell: bash
|
||||
|
||||
- name: Validate App Path
|
||||
@ -103,22 +136,18 @@ jobs:
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Ensure the path is absolute
|
||||
if [[ "$APP_PATH" != /* ]]; then
|
||||
APP_PATH="$(pwd)/$APP_PATH"
|
||||
echo "Converted to absolute path: $APP_PATH"
|
||||
fi
|
||||
|
||||
echo "Will sign and notarize: $APP_PATH"
|
||||
echo "Contents of app bundle:"
|
||||
ls -la "$APP_PATH"
|
||||
echo "app_path=$APP_PATH" >> $GITHUB_OUTPUT
|
||||
shell: bash
|
||||
|
||||
- name: Setup for Signing
|
||||
id: setup-signing
|
||||
env:
|
||||
API_KEY_PATH: ${{ secrets.NOTARY_API_KEY_PATH }}
|
||||
run: |
|
||||
# Decode the API key from Base64 secret
|
||||
echo "$API_KEY_PATH" | base64 --decode > api_key.p8
|
||||
echo "api_key_file=$(pwd)/api_key.p8" >> $GITHUB_OUTPUT
|
||||
shell: bash
|
||||
|
||||
- name: Sign macOS App
|
||||
uses: lando/code-sign-action@v3
|
||||
id: sign-app
|
||||
@ -127,7 +156,7 @@ jobs:
|
||||
certificate-data: ${{ secrets.MACOS_CERTIFICATE }}
|
||||
certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
|
||||
apple-team-id: "${{ secrets.APPLE_TEAM_ID }}"
|
||||
options: --force --options runtime --deep --timestamp --entitlements ./LuckyRobots.entitlements
|
||||
options: --force --options runtime --deep --timestamp --entitlements ~/LuckyRobots.entitlements
|
||||
|
||||
- name: Notarize macOS App
|
||||
run: |
|
||||
@ -136,17 +165,19 @@ jobs:
|
||||
NOTARIZE_APP_PATH="./LuckyRobots-notarize.zip"
|
||||
ditto -c -k --keepParent "$APP_PATH" "$NOTARIZE_APP_PATH"
|
||||
|
||||
API_KEY_FILE="${{ steps.setup-signing.outputs.api_key_file }}"
|
||||
# Set up API key
|
||||
API_KEY_PATH="$(pwd)/api_key.p8"
|
||||
echo "${{ secrets.NOTARY_API_KEY_PATH }}" | base64 --decode > "$API_KEY_PATH"
|
||||
|
||||
# Submit for notarization using API key
|
||||
echo "Submitting for notarization with API key..."
|
||||
xcrun notarytool submit "$NOTARIZE_APP_PATH" --key "$API_KEY_FILE" --key-id "${{ secrets.NOTARY_API_KEY_ID }}" --issuer "${{ secrets.NOTARY_API_KEY_ISSUER_ID }}" --wait
|
||||
xcrun notarytool submit "$NOTARIZE_APP_PATH" --key "$API_KEY_PATH" --key-id "${{ secrets.NOTARY_API_KEY_ID }}" --issuer "${{ secrets.NOTARY_API_KEY_ISSUER_ID }}" --wait
|
||||
|
||||
# Staple the ticket to the application
|
||||
xcrun stapler staple "$APP_PATH"
|
||||
|
||||
# Clean up the API key file
|
||||
rm -f "$API_KEY_FILE"
|
||||
rm -f "$API_KEY_PATH"
|
||||
rm -f "$NOTARIZE_APP_PATH"
|
||||
shell: bash
|
||||
|
||||
@ -155,17 +186,18 @@ jobs:
|
||||
# Package the signed and notarized app
|
||||
APP_PATH="${{ steps.validate-app.outputs.app_path }}"
|
||||
APP_NAME=$(basename "$APP_PATH")
|
||||
DIR_PATH=$(dirname "$APP_PATH")
|
||||
WORKSPACE_DIR="$(pwd)"
|
||||
OUTPUT_DIR="$WORKSPACE_DIR/TestSignedApps"
|
||||
|
||||
# Create test output directory
|
||||
mkdir -p TestSignedApps
|
||||
mkdir -p "$OUTPUT_DIR"
|
||||
|
||||
echo "Creating test package..."
|
||||
(cd "$DIR_PATH" && zip -r "../../TestSignedApps/Test-$APP_NAME.zip" "$APP_NAME")
|
||||
echo "Created test package: TestSignedApps/Test-$APP_NAME.zip"
|
||||
ditto -c -k --keepParent "$APP_PATH" "$OUTPUT_DIR/Test-$APP_NAME.zip"
|
||||
echo "Created test package: $OUTPUT_DIR/Test-$APP_NAME.zip"
|
||||
|
||||
echo "Test packaged apps:"
|
||||
ls -la TestSignedApps/
|
||||
ls -la "$OUTPUT_DIR"
|
||||
shell: bash
|
||||
|
||||
- name: Upload Test Signed App
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user